CVE 2019-8291
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.
See the
CVE page on Mitre.org
for more details.
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.